Anonymous User 20287723
(@anonymized-20287723)
Hello! Are you saying this is a field like this:
<input type="date" name="prezzi_1da"
Or is it:
<input type="text" name="prezzi_1da"
Or maybe it’s datetime or datetime-local? It’d help to know what type of field you’re using, first.
These are the fields:
<td>
<input type="date" id="periodo_1da" name="periodo_1da" class="list_prezzi" ><?php echo esc_attr( get_the_author_meta( 'periodo_1da', $user->ID ) ); ?><br/>
<span class="locazione">prezzo dal</span>
</td>
<td>
<input type="date" id="periodo_1a" name="periodo_1a" class="list_prezzi" ><?php echo esc_attr( get_the_author_meta( 'periodo_1a', $user->ID ) ); ?><br/>
<span class="locazione">al</span>
</td>
My purpose is to write a date range for a list price, i.e.: 9/9/2023-16/9/2023: 400 €. From the author (agency) level I manage the periods and from the post (apartment) level I manage the prices. But I dont want to save the meta data as date range, I just write a date than another date
Anonymous User 20287723
(@anonymized-20287723)
“I just write a date than another date”
This is the part you need to explain more fully, please. I’m not on your project so you need to start at the beginning and be detailed. Maybe write a lot in Italian and I will use a translator.
there is not a general rule to sanitize date fields? Something like sanitize_text_field for a text field
Anonymous User 20287723
(@anonymized-20287723)
Date type fields can be sanitized using sanitize_text_field. They transmit a string. So why not?
Without seeing all your code and understanding what you’re trying to do, it’s hard to help further.
If the only allowed characters are 0-9, - or /, you could validate and sanitize with something like:
$periodo_1da = preg_filter('![^0-9-/]+!', '', $_POST['periodo_1da']);
This strips out any characters that match the regex. The ^ regex symbol is for negation, so it’s saying match anything that is not listed. Thus you can add or remove any characters you like that should be retained or stripped accordingly.
I’m getting one output but out of the date picker https://ibb.co/JckkfPS
update_user_meta( $user_id, 'periodo_1da', sanitize_text_field( $_POST['periodo_1da'] ) );
update_user_meta( $user_id, 'periodo_1a', sanitize_text_field( $_POST['periodo_1a '] ) );
but now I’m getting nothing, even using
$periodo_1da = preg_filter('![^0-9-/]+!', '', $_POST['periodo_1da']);
Maybe the problem is in my fields?
<td>
<input type="date" id="periodo_1da" name="periodo_1da" class="list_prezzi" ><?php echo esc_attr( get_the_author_meta( 'periodo_1da', $user->ID ) ); ?><br/>
<span class="da">prezzo dal</span>
</td>
<td>
<input type="date" id="periodo_1a" name="periodo_1a" class="list_prezzi" ><?php echo esc_attr( get_the_author_meta( 'periodo_1a', $user->ID ) ); ?><br/>
<span class="a">al</span>
</td>
I’va done today what I did yesterday but with a simple text field: https://ibb.co/hWqjZY5
The result is the same. I though it was more confortable to insert the periods on calendars, this is not so sure. Anyway I’d like to learn how to use my first method (with calendars), what I need is sanitizing the fields and get the dates fixed somewhere
The result is : https://ibb.co/wJTC2tj
A period managed from author (agency) position, and a price managed from post (apartment) position
Did you try this:
update_user_meta( $user_id, 'periodo_1da', preg_filter('![^0-9-/]+!', '', $_POST['periodo_1da'] ) ); ?
Fields look OK, all that really matters is the type and name attributes.
You use $user_id in one place and $user->ID in another. It may be correct, but it looks a little suspicious. Double check that you’re saving data with the same ID value that you’re getting data with.
